Dev news

Commit 06304d4f4f for openssl.org

commit 06304d4f4f1d84a388909b5ca6610881007a2a62
Author: Milan Broz <gmazyland@gmail.com>
Date:   Wed Jan 14 14:32:43 2026 +0100

    Fix unterminated-string-initialization and add this warning to strict warnings

    The -Wunterminated-string-initialization is a strange gcc warning,
    as C99 allows non-nul string initialization.
    Note, it is included in -Wextra, but does not exist in old gcc versions.

    However, it can report other real bugs.

    Fixes: https://github.com/openssl/project/issues/1814

    Signed-off-by: Milan Broz <gmazyland@gmail.com>

    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    MergeDate: Tue Jan 20 18:43:39 2026
    (Merged from https://github.com/openssl/openssl/pull/29661)

diff --git a/Configure b/Configure
index e5d587f2fc..173096816b 100755
--- a/Configure
+++ b/Configure
@@ -171,7 +171,6 @@ my @gcc_devteam_warn = qw(
     -Wextra
     -Wno-unused-parameter
     -Wno-missing-field-initializers
-    -Wno-unterminated-string-initialization
     -Wswitch
     -Wsign-compare
     -Wshadow
diff --git a/test/hmactest.c b/test/hmactest.c
index d3ae8955d8..2bd3c10cad 100644
--- a/test/hmactest.c
+++ b/test/hmactest.c
@@ -33,7 +33,7 @@

 #ifndef OPENSSL_NO_MD5
 static struct test_st {
-    const char key[16];
+    const unsigned char key[16];
     int key_len;
     const unsigned char data[64];
     int data_len;
@@ -47,7 +47,7 @@ static struct test_st {
         "e9139d1e6ee064ef8cf514fc7dc83e86",
     },
     {
-        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
+        { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b },
         16,
         "Hi There",
         8,
@@ -61,7 +61,7 @@ static struct test_st {
         "750c783e6ab0b503eaa86e310a5db738",
     },
     {
-        "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa",
+        { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa },
         16,
         { 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
             0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
diff --git a/test/modes_internal_test.c b/test/modes_internal_test.c
index 7e1192265c..585e25623e 100644
--- a/test/modes_internal_test.c
+++ b/test/modes_internal_test.c
@@ -36,11 +36,12 @@ typedef struct {
  ***/

 /* cts128 test vectors from RFC 3962 */
-static const unsigned char cts128_test_key[16] = "chicken teriyaki";
-static const unsigned char cts128_test_input[64] = "I would like the"
-                                                   " General Gau's C"
-                                                   "hicken, please, "
-                                                   "and wonton soup.";
+static const unsigned char cts128_test_key[16] = { 'c', 'h', 'i', 'c', 'k', 'e', 'n', ' ', 't', 'e', 'r', 'i', 'y', 'a', 'k', 'i' };
+static const unsigned char cts128_test_input[64] = { 'I', ' ', 'w', 'o', 'u', 'l', 'd', ' ', 'l', 'i', 'k', 'e', ' ', 't', 'h', 'e',
+    ' ', 'G', 'e', 'n', 'e', 'r', 'a', 'l', ' ', 'G', 'a', 'u', '\'', 's', ' ', 'C', 'h',
+    'i', 'c', 'k', 'e', 'n', ',', ' ', 'p', 'l', 'e', 'a', 's', 'e', ',', ' ', 'a',
+    'n', 'd', ' ', 'w', 'o', 'n', 't', 'o', 'n', ' ', 's', 'o', 'u', 'p', '.' };
+
 static const unsigned char cts128_test_iv[] = {
     0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
 };
diff --git a/test/sslapitest.c b/test/sslapitest.c
index efc3a863b3..80ac1f8fff 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -8917,8 +8917,8 @@ static int tick_key_cb(SSL *s, unsigned char key_name[16],
     unsigned char iv[EVP_MAX_IV_LENGTH], EVP_CIPHER_CTX *ctx,
     HMAC_CTX *hctx, int enc)
 {
-    const unsigned char tick_aes_key[16] = "0123456789abcdef";
-    const unsigned char tick_hmac_key[16] = "0123456789abcdef";
+    const unsigned char tick_aes_key[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+    const unsigned char tick_hmac_key[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
     EVP_CIPHER *aes128cbc;
     EVP_MD *sha256;
     int ret;
@@ -8959,8 +8959,8 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
     unsigned char iv[EVP_MAX_IV_LENGTH],
     EVP_CIPHER_CTX *ctx, EVP_MAC_CTX *hctx, int enc)
 {
-    const unsigned char tick_aes_key[16] = "0123456789abcdef";
-    unsigned char tick_hmac_key[16] = "0123456789abcdef";
+    const unsigned char tick_aes_key[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+    unsigned char tick_hmac_key[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
     OSSL_PARAM params[2];
     EVP_CIPHER *aes128cbc;
     int ret;